Platform: linux
Component: redhat-web-terminal
Fixed in: 1.10.0, 2.5.4
CVE-2025-57853 describes a privilege escalation vulnerability affecting Red Hat Web Terminal versions 1.0.0 through 2.5.3. This flaw allows attackers with command execution capabilities within a container to potentially escalate their privileges to root. The vulnerability arises from improperly configured file permissions during the container image build process, and a fix is available in version 2.5.4.
The primary impact of CVE-2025-57853 is the potential for an attacker to escalate their privileges to root within a container. This allows them to execute arbitrary commands with the highest level of access, effectively taking control of the container's environment. An attacker could then access sensitive data stored within the container, modify system configurations, or even use the compromised container as a launchpad for lateral movement within the broader infrastructure. The blast radius extends to any data or services hosted within the affected container. While the vulnerability requires command execution within the container, the ease of achieving this in some scenarios makes it a significant risk, particularly in environments where containers are used to host critical applications or sensitive data.
CVE-2025-57853 was published on 2026-04-08. Its severity is currently being evaluated. No public Proof-of-Concept (POC) exploits are currently known. There are no indications of active campaigns targeting this vulnerability at this time. Monitor security advisories from Red Hat for updates and further information.
Organizations deploying Red Hat Web Terminal in containerized environments, particularly those using older versions (1.0.0–2.5.3), are at risk. Shared hosting environments where multiple users share a container are especially vulnerable, as an attacker could potentially compromise the entire container.
• linux / server:
find /etc/passwd -perm -g+w
• linux / server:
journalctl -u web-terminal | grep -i privilege
• linux / server:
ps aux | grep web-terminal
EPSS: 0.00% (0% percentile)
The primary mitigation for CVE-2025-57853 is to upgrade Red Hat Web Terminal to version 2.5.4 or later, which contains the fix. If immediate upgrading is not possible, consider implementing temporary workarounds. Restrict access to the container to only authorized users and processes. Implement strict container resource limits to minimize the potential impact of a successful exploit. Monitor container logs for suspicious activity, particularly attempts to modify the /etc/passwd file. Consider using a Web Application Firewall (WAF) or reverse proxy to filter traffic and block malicious requests. After upgrading, verify the fix by attempting to create a new user with UID 0 within a container running the patched version; this should fail.
Upgrade to Red Hat Web Terminal version 2.5.4 or later. This version fixes the issue by ensuring that the /etc/passwd file is created with appropriate permissions, preventing unauthorized modification by non-root users.
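The two conditions this advisory ties to the flaw, a passwd file that non-root users can write and an unexpected account with UID 0, can be checked inside a running container with a short script. This is an added example, not code from Red Hat or from the original page; the function names and the sample passwd entries are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit a passwd file for a weak mode and extra UID 0 accounts.
# Function names and sample data are assumptions, not from the advisory.

# Prints "writable" if FILE is writable by group or others, otherwise "ok".
passwd_mode_check() {
    if [ -n "$(find "$1" -prune \( -perm -g+w -o -perm -o+w \) -print 2>/dev/null)" ]; then
        echo "writable"
    else
        echo "ok"
    fi
}

# Prints the name of every account whose UID field is 0 but is not "root".
extra_uid0_accounts() {
    awk -F: '$3 == 0 && $1 != "root" { print $1 }' "$1"
}

# Runs both checks on FILE (default /etc/passwd); returns 1 on any finding.
audit_passwd() {
    file=${1:-/etc/passwd}
    rc=0
    if [ "$(passwd_mode_check "$file")" = "writable" ]; then
        echo "FINDING: $file is writable by group or others"
        rc=1
    fi
    extra=$(extra_uid0_accounts "$file")
    if [ -n "$extra" ]; then
        echo "FINDING: non-root accounts with UID 0: $extra"
        rc=1
    fi
    return $rc
}

# Demo on constructed data (not taken from a real system).
demo_dir=$(mktemp -d)
printf 'root:x:0:0:root:/root:/bin/bash\nuser:x:1001:0::/home/user:/bin/bash\n' > "$demo_dir/passwd"
chmod 664 "$demo_dir/passwd"   # constructed weak mode: group-writable
audit_passwd "$demo_dir/passwd" || echo "findings reported for the weak file"
chmod 644 "$demo_dir/passwd"   # corrected mode
audit_passwd "$demo_dir/passwd" && echo "clean after correcting the mode"
rm -rf "$demo_dir"
```

Run `audit_passwd` with no argument inside the container to check the live /etc/passwd; a non-zero exit status means at least one finding was printed.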
CVE-2025-57853 is a medium-severity vulnerability in Red Hat Web Terminal versions 1.0.0–2.5.3 that allows attackers to escalate privileges within a container by modifying the /etc/passwd file.
You are affected if you are using Red Hat Web Terminal versions 1.0.0 through 2.5.3 and are running it in a containerized environment.
Upgrade Red Hat Web Terminal to version 2.5.4 or later to resolve the vulnerability. Consider container security hardening measures as an interim step.
There are currently no publicly known active exploitation campaigns for CVE-2025-57853, but it's crucial to apply the patch proactively.
Refer to the official Red Hat security advisory for CVE-2025-57853 on the Red Hat website (search for CVE-2025-57853 on redhat.com).